firefox, nspr, nss, xulrunner security update

CentOS Errata and Security Advisory CESA-2010:0681 Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System CVS...

seamonkey security update

CentOS Errata and Security Advisory CESA-2010:0680 Updated seamonkey packages that fix several security issues are now available for Red Hat Enterprise Linux 3 and 4. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System...

[SECURITY] [DSA 2106-1] New xulrunner packages fix several vulnerabilities

------------------------------------------------------------------------ Debian Security Advisory DSA-2106-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff September 08, 2010 http://www.debian.org/security/faq -...

Critical: Red Hat Security Advisory: firefox security update

Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings...

RHEL 3 / 4 : seamonkey (RHSA-2010:0680)

Updated SeaMonkey packages that fix several security issues are now available for Red Hat Enterprise Linux 3 and 4. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

RHEL 4 / 5 : thunderbird (RHSA-2010:0682)

An updated thunderbird package that fixes several security issues is now available for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

CVE-2009-3167

CVE-2009-3167 affects Anantasoft Gazelle CMS 1.0. A directory traversal flaw in index.php allows reading arbitrary files via a .. sequence in the template parameter when magic_quotes_gpc is disabled. This is a server-side input handling issue in the template parameter, enabling potential exposure...

CVE-2009-3167

creationtimestamp| type| source ---|---|--- 2009-01-28 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/7895 2009-08-12 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/9425...

CVE-2008-3167

CVE-2008-3167 concerns BoonEx Dolphin 6.1.2 and related components, showing multiple PHP remote file inclusion vulnerabilities. The issues allow an attacker to execute arbitrary PHP code by supplying a URL to unsafely handled inputs: (1) dir[plugins] to HTMLSax3.php and safehtml.php within plugin...

CVE-2008-3167

creationtimestamp| type| source ---|---|--- 2008-07-08 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/6024...

CVE-2007-3167

CVE-2007-3167 describes a stack-based buffer overflow in the Vivotek Motion JPEG ActiveX control (MjpegControl) within MjpegDecoder.dll version 2.0.0.13. The vulnerability arises from handling a very long PtzUrl property value, which can overflow a stack buffer and allow a remote attacker to exec...

CVE-2006-3167

The CVE-2006-3167 vulnerability affects Free Realty before 2.9. The issue arises from unspecified manipulations that produce an error message, allowing remote attackers to obtain the full path and other sensitive information. This is a confidentiality impact (partial) without evidence of data int...

CVE-2005-3167

The CVE-2005-3167 entry concerns MediaWiki before 1.4.11 with an incomplete blacklist that fails to remove CSS inputs (HTML inline style attributes). This allows remote attackers to execute cross-site scripting (XSS) via Internet Explorer, as the inputs are processed as active content. The vulner...